I want to setup a public storage server which allows sftp and rsync (through ssh). I've got it working with a chroot jail and rssh. When the user connects to the server with sftp he can read all the files in the chroot jail (like /lib and /bin) in the chroot. Likewise with rsync (rsync --list-only user@server:/). I would like to have a setup where to user can only view and not leave his home directory.

An additional requirement is that the I don't want to setup a chroot environment for each user.

I already tried the chrootdirectory and forcecommand statements in sshd_config which works great for sftp but does not allow any rsync.

Granting ssh access does not necessarily imply full shell access, for example, this shows how to use the ssh authorized_keys file to allow backup via rsync while limiting available commands to just the rsync receiver.